Enterprise IDAM Product Manager

R-00178346

Description

Leidos has an opening for a Product Manager supporting Enterprise Identity, Credential, and Access Management (IDAM) within the U.S. Air Force Cloud One Architecture & Common Shared Services (ACSS) program. Under Cloud One ACSS, the Leidos team delivers enterprise cloud architecture, foundational shared services, and secure platform capabilities enabling mission systems across multi-cloud and hybrid environments.

The Enterprise IDAM Product Manager will define and manage identity services that span AWS, Azure, GCP, Oracle Cloud Infrastructure (OCI), and hybrid/on-premises environments. This role ensures identity architecture aligns with DoD Zero Trust strategy, supports Impact Levels (IL2–IL6), and enables secure, seamless access to mission systems across classified and unclassified domains.

You will work closely with cybersecurity architects, cloud platform engineers, network teams, and government stakeholders to implement enterprise-grade identity federation, privileged access management, role-based access control, and continuous monitoring solutions that form the foundation of Zero Trust architecture.

Ideal candidates will have the ability to travel to the Tewksbury, MA area as needed.

Primary Responsibilities:

• Enterprise Identity Strategy & Roadmap.
  
• Support and maintain the product vision and roadmap for cross-cloud IDAM services within Cloud One ACSS.
  
• Align identity services with Department of the Air Force Zero Trust Architecture and DoD Enterprise Identity Strategy.
  
• Enable standardized identity patterns for multi-cloud and hybrid environments.
  
• Ensure interoperability across AWS IAM, Azure Entra ID, GCP IAM, OCI IAM, and on-prem Active Directory services.
  
• Identity Federation & Access Governance
  

Lead lifecycle management of enterprise identity services including:
-Single Sign-On (SSO).
-Multi-Factor Authentication (MFA).
-Role-Based Access Control (RBAC).
-Attribute-Based Access Control (ABAC).
-Privileged Access Management (PAM).

• Enable federation using SAML, OAuth 2.0, OpenID Connect, and cross-domain identity brokers.
  
• Support centralized identity governance and lifecycle management.
  
• Define policies for least privilege access and just-in-time elevation.
  
• Zero Trust & Continuous Verification:
  
• Support implementation of Zero Trust principles including identity-centric access controls.
  
• Integrate conditional access policies and risk-based authentication.
  
• Enable device trust and identity verification mechanisms.
  
• Ensure identity telemetry feeds into enterprise security monitoring and SIEM platforms.
  
• Compliance, RMF & Security Integration:
  
• Ensure identity services comply with RMF, FedRAMP High, DoD SRG, DISA STIGs, and NIST 800-53 controls.
  
• Support identity components required for IL2–IL6 environments.
  
• Partner with cybersecurity teams to maintain ATO posture and continuous monitoring compliance.
  
• Develop audit logging and identity monitoring frameworks.
  
• Hybrid & Cross-Domain Integration:
  
• Enable identity synchronization between cloud and on-prem environments.
  
• Support integration with DoD PKI and CAC authentication.
  
• Facilitate cross-domain identity solutions where applicable.
  
• Ensure compatibility with classified and mission partner environments.
  

Stakeholder Engagement & Governance:

• Serve as primary liaison between government leadership, cybersecurity stakeholders, and cloud platform teams for IDAM capabilities.
  
• Translate mission requirements into prioritized identity services and backlog features.
  
• Conduct executive briefings on identity risk posture, compliance status, and roadmap evolution.
  
• Participate in architecture review boards and Integrated Product Teams (IPTs).
  

Documentation & Enterprise Communication

Develop and maintain:
-Identity reference architectures,
-Access governance policies.
-Federation implementation guides.
-Compliance documentation artifacts.

• Publish enterprise identity standards and integration patterns.
  
• Maintain transparency on service maturity and security posture.
  

Basic Qualifications:

• Bachelor’s degree and 8+ years of experience in identity management, cybersecurity, enterprise IT or a Masters with 10+ years of applicable experience.
  
• 3+ years of experience in product management.
  
• Active DoD Secret clearance required; Top Secret preferred.
  
• DoD 8570.01 IAT Level II certification required prior to onboarding.
  
• 3+ years of experience implementing enterprise IDAM solutions.
  
• Experience supporting identity services in multi-cloud and hybrid environments.
  

Strong understanding of:

• SAML, OAuth 2.0, OpenID Connect.
  
• RBAC and ABAC models.
  
• Federation and cross-account identity models.
  
• Privileged Access Management.
  
• CAC/PKI authentication integration.
  
• Experience supporting RMF and IL4/IL5 ATO processes.
  
• Experience operating in Agile and DevSecOps environments.
  
• Strong executive-level communication skills.
  

Required Certifications:

• Certified Information Systems Security Professional (CISSP) or equivalent.
  
• Certified Identity and Access Manager (CIAM) or similar credential.
  
• Certified Scrum Product Owner (CSPO) or equivalent.
  
• SAFe Product Owner/Product Manager (POPM) or Agile certification.
  
• Preferred Certifications:
  
• Microsoft Identity and Access Administrator Associate.
  
• AWS Security Specialty.
  
• Google Cloud Professional Security Engineer.
  
• Oracle OCI Security Professional.
  
• Certified Information Security Manager (CISM).
  
• ITIL v4.
  
• PMP Certification.
  

Preferred Experience:

• Experience supporting Cloud One or DoD Enterprise Cloud programs.
  
• Experience implementing Zero Trust architectures in regulated environments.
  
• Experience with enterprise IAM tools such as Okta, Ping, SailPoint, CyberArk, or similar.
  
• Experience integrating identity telemetry into SIEM or SOAR platforms.
  
• Experience supporting cross-domain or classified identity environments.
  
• Desired Attributes:
  
• Strategic thinker with strong understanding of Zero Trust principles.
  
• Strong collaborator across cybersecurity, networking, and cloud engineering teams.
  
• Risk-aware decision maker focused on secure-by-design identity architecture.
  
• Comfortable operating in high-visibility, mission-critical DoD programs.
  

C1NACSS

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.
Original Posting: March 13, 2026

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range: Pay Range $107,900.00 - $195,050.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

About Leidos

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com .

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits .

Securing Your Data

Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at LeidosCareersFraud@leidos.com .

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission .

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.

#Remote